New Cyber Report

By Scott Morgan Exclusively For Vanguard Global & Defense Unlimited


Rarely does a news cycle pass by without a report of either a Government institution or a private entity revealing that it has been the target of an attempted hack by nefarious actors.


On October 15th Google released an interesting report. The company revealed that since the first of the year it had sent an estimated 50,000 security alerts regarding the use of malware or attempts at phishing by state sponsored groups. Some of those who have been targeted include Journalists, Human Rights activists and other critical voices.


The numbers that were presented indicate that these activities increased 33% from 2020. Currently TAG (Threat Advisory Group) a unit of Google has stated that currently it has 270 State Sponsored Entities from 50 Countries that it considers to be threat actors on such a level that they are under constant surveillance by the Company.


Some of the entities have made the news for their activities. One group ATP 28 also known by the moniker Fancy Bear which operates from Russia was found to be a major source in the increase of hacking activity. But the Russians are not the only players active in this field.


Another country where attacks were determined to originate from was Iran. One group had their activities tracked by Google as APT 35. The names associated with this tracking efforts include Charming Kitten, Phosphorous and Newscaster. One of their major efforts was a scheme called Operation SpoofedScholars. This was a targeted effort designed to attack think tanks, journalists and scholars with the goal of soliciting sensitive information from their unsuspecting targets by presenting themselves as being from the London School of Oriental and African Studies (SOAS). Details of this attack were revealed by an enterprise firm in July 2021.


Another tactic that was used was impersonating security officials by sending “non-malicious first contact email messages” modeled around the Munich Security and Think-20 (T20) conferences in Italy as part of a phishing campaign to lure high profile individuals into visiting rogue webpages that the criminals could use to their advantage.


Other attacks that were documented included uploading a Spyware infected app to the Google Play Store that, if installed by the victim, would siphon off sensitive information such as call logs, text messages, contact lists and locations from the infected devices. Those who used APT35 would be notified when these devices were being used Telegram often in realtime when these devices were being used.


Although not specifically mentioned in the latest brief, it is conventional wisdom that countries such as North Korea have also been known to use hacking software. Software made by Israel has been used to track journalists in such places as Ethiopia as well.


Access to information is a critical security threat. This threat is not only faced by Government entities but also by the private sector as well. Those using these products are not just Government but also non-state actors as well. Securing one's data is a critical necessity to literally keep a company running.


No wonder why Cybersecurity is evolving into a multi-billion dollar industry which continues to show prospects for growth for the foreseeable future. The attackers continue to evolve their technology faster than the security experts.




 


Recent Posts

See All